Vulnerabilities > CVE-2021-36298 - Unspecified vulnerability in Dell Isilon Insightiq Firmware

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

dell

critical

NVD

Published: 2021-10-01

Updated: 2024-11-21

Summary

Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; so Dell recommends customers to upgrade at the earliest opportunity.

Vulnerable Configurations

Part	Description	Count
OS	Dell Dell Isilon Insightiq Firmware *	1
Hardware	Dell Dell Isilon Insightiq *	1

References

https://www.dell.com/support/kbdoc/000191604
https://www.dell.com/support/kbdoc/000191604